Hackers using Find My iPhone feature to hold Apple devices for ransom

There have been a number of Australian iPhone, iPad and Mac users getting their devices hacked, according to reports. Based on discussions from the Apple forums, it appears hackers are locking out users from their own devices via the Find My iPhone feature.

The hackers are able to send the affected users messages and, in some cases, are demanding $50 and $100 payments sent to a PayPal account in order to unlock the devices. One user received a message on an iMac saying "Device hacked by Oleg Pliss." Most individuals targeted report that all of the Apple devices they own have been hacked as opposed to just a single one.

Based on reports it appears that due to the fact that the attacks are coming through Find My iPhone, they are more likely a login info vulnerability than malware or something of that nature. It has been suggested that the hackers may have accessed the iCloud accounts via leaked email passwords and then exploited users who reused that login info for their Apple ID. Some users were able to regain access of their devices because they had already set a passcode. Find My iPhone can only create a passcode if there isn't one already set, not change it. A passcode can only be changed from directly on the device.

Those targeted should get in touch with Apple right away to find some kind of workaround. Many are advising to ensure two-step verification is enabled where possible, not use the same passwords for different accounts and to reset iCloud passwords when possible.